7/21/2019 Td Win32asm 710.Asm http://slidepdf.com/reader/full/td-win32asm-710asm

td_win32asm_710.asm
;==============================================================================
; Test Department's WINDOWS 32 BIT x86 ASSEMBLY example 710
;==============================================================================
;==============================================================================
; ==> Part 710 : NetSpy utility v0.07 >>> USE IT ON YOUR OWN RISC <<<
;------------------------------------------------------------------------------
; Hi folks,
;
; Major changes since NetSpy v0.05 :
; ===================================
; Program stays on top now : increases speed for my PI 233 MHz.
; Lookup function : improved.
; Phonebook / Dial function : entry deleted, fixed now, I'm very sorry !
; PortScanner function : code cosmetic, improved, much better now.
; GetAdapterStatus : new powerful function, replaces NICMAC function.
; Settings : the AutoLog function is not included now ...
;
; You must be connected to the world wide web for the program to work fully.
; The Network must be installed, at least you need 1 successful connection.
; If you have any Bug Reports, Tips, Sources, Doc's or Wishes please email me.
;
; Information:
; -------------
; dw_Size parameter of the RASDIALPARAMS structure is 041Ch, not 0419h !
; dw_Size parameter of the RASENTRYNAME structure is 0108h, not 0105h !
; dw_Size parameter of the RASCONN structure is 019Ch, not 019Bh !
; dw_Size parameter of the RASCONNSTATUS structure is 00A0h, not 009Eh !
;
; You see these structures are doubleword aligned.
;
;
; spy vs. spy ...
;
;
; Test Department [email protected]
;==============================================================================
; Assembler directives
;------------------------------------------------------------------------------
.386                            ; specifies the processor our program wants to run on
.Model Flat ,StdCall            ; Flat for Win9x (32 Bit), Calling Convention
option casemap:none             ; case sensitive !
;==============================================================================
; Include all files where the API functions you want to use reside, set correct path
;------------------------------------------------------------------------------
include D:\Masm32\include\windows.inc
includelib kernel32.lib
includelib user32.lib
includelib shell32.lib
includelib gdi32.lib
includelib comctl32.lib
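The four dw_Size corrections in the header comment all come from padding the structure up to the next doubleword boundary. The C program below is an added example, not part of the original listing: it mirrors the ANSI structure layouts with 32-bit handles (member lists and buffer lengths are assumed from the Win32 SDK headers, and the `Mirror*` and `ras_*` names are hypothetical) and computes where the last member ends versus the size the compiler pads to.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Buffer lengths as in the Win32 SDK headers (assumed: ANSI build, WINVER 0x400). */
enum {
    RAS_MaxEntryName = 256, RAS_MaxPhoneNumber = 128, RAS_MaxCallbackNumber = 128,
    RAS_MaxDeviceType = 16, RAS_MaxDeviceName = 128,
    UNLEN = 256, PWLEN = 256, DNLEN = 15
};

/* Mirror structs (hypothetical names); handles are 32 bits wide as on Win9x. */
typedef struct {
    uint32_t dwSize;
    char szEntryName[RAS_MaxEntryName + 1];
    char szPhoneNumber[RAS_MaxPhoneNumber + 1];
    char szCallbackNumber[RAS_MaxCallbackNumber + 1];
    char szUserName[UNLEN + 1];
    char szPassword[PWLEN + 1];
    char szDomain[DNLEN + 1];
} MirrorRasDialParams;

typedef struct {
    uint32_t dwSize;
    char szEntryName[RAS_MaxEntryName + 1];
} MirrorRasEntryName;

typedef struct {
    uint32_t dwSize;
    uint32_t hrasconn;
    char szEntryName[RAS_MaxEntryName + 1];
    char szDeviceType[RAS_MaxDeviceType + 1];
    char szDeviceName[RAS_MaxDeviceName + 1];
} MirrorRasConn;

typedef struct {
    uint32_t dwSize;
    uint32_t rasconnstate;
    uint32_t dwError;
    char szDeviceType[RAS_MaxDeviceType + 1];
    char szDeviceName[RAS_MaxDeviceName + 1];
} MirrorRasConnStatus;

/* Offset just past the last member, i.e. the size before tail padding. */
#define END_OF(type, last) (offsetof(type, last) + sizeof(((type *)0)->last))

struct ras_layout {
    const char *name;
    size_t unpadded;   /* sum of the members                    */
    size_t padded;     /* sizeof(), rounded up to a dword (4)   */
};

static const struct ras_layout layouts[] = {
    { "RASDIALPARAMS", END_OF(MirrorRasDialParams, szDomain),     sizeof(MirrorRasDialParams) },
    { "RASENTRYNAME",  END_OF(MirrorRasEntryName, szEntryName),   sizeof(MirrorRasEntryName)  },
    { "RASCONN",       END_OF(MirrorRasConn, szDeviceName),       sizeof(MirrorRasConn)       },
    { "RASCONNSTATUS", END_OF(MirrorRasConnStatus, szDeviceName), sizeof(MirrorRasConnStatus) },
};

/* Round n up to a multiple of a (a must be non-zero). */
size_t align_up(size_t n, size_t a)
{
    return (n + a - 1) / a * a;
}

const struct ras_layout *ras_layout_find(const char *name)
{
    for (size_t i = 0; i < sizeof layouts / sizeof layouts[0]; i++)
        if (strcmp(layouts[i].name, name) == 0)
            return &layouts[i];
    return NULL;
}

/* 1 if dw_size is the value a caller has to store in the structure's first field. */
int ras_dwsize_ok(const char *name, uint32_t dw_size)
{
    const struct ras_layout *l = ras_layout_find(name);
    return l != NULL && dw_size == l->padded;
}

int main(void)
{
    for (size_t i = 0; i < sizeof layouts / sizeof layouts[0]; i++)
        printf("%-14s members end at %04zXh, dw_Size must be %04zXh\n",
               layouts[i].name, layouts[i].unpadded, layouts[i].padded);
    return 0;
}
```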
;==============================================================================
; Declaration of used API functions,take a look into WIN32.HLP and *.inc files
;------------------------------------------------------------------------------
GetModuleHandleA PROTO :DWORD
FindWindowA PROTO :DWORD,:DWORD
LoadIconA PROTO :DWORD,:DWORD
LoadCursorA PROTO :DWORD,:DWORD
CreateSolidBrush PROTO :DWORD
RegisterClassExA PROTO :DWORD
CreateWindowExA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
ShowWindow PROTO :DWORD,:DWORD
UpdateWindow PROTO :DWORD
GetMessageA PROTO :DWORD,:DWORD,:DWORD,:DWORD
PeekMessageA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD
TranslateMessage PROTO :DWORD
DispatchMessageA PROTO :DWORD
PostQuitMessage PROTO :DWORD
DefWindowProcA PROTO :DWORD,:DWORD,:DWORD,:DWORD
ExitProcess PROTO :DWORD
DestroyWindow PROTO :DWORD
MessageBoxA PROTO :DWORD,:DWORD,:DWORD,:DWORD
SendMessageA PROTO :DWORD,:DWORD,:DWORD,:DWORD
PostMessageA PROTO :DWORD,:DWORD,:DWORD,:DWORD
InvalidateRect PROTO :DWORD,:DWORD,:DWORD
LoadBitmapA PROTO :DWORD,:DWORD
DeleteObject PROTO :DWORD
SetWindowTextA PROTO :DWORD,:DWORD
GetWindowTextA PROTO :DWORD,:DWORD,:DWORD
SetFocus PROTO :DWORD
EnableWindow PROTO :DWORD,:DWORD
SetWindowLongA PROTO :DWORD,:DWORD,:DWORD
RegisterHotKey PROTO :DWORD,:DWORD,:DWORD,:DWORD
GetAsyncKeyState PROTO :DWORD
LoadStringA PROTO :DWORD,:DWORD,:DWORD,:DWORD
GetStockObject PROTO :DWORD
Shell_NotifyIconA PROTO :DWORD,:DWORD
SetForegroundWindow PROTO :DWORD
MoveWindow PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
lstrcpyA PROTO :DWORD,:DWORD
Sleep PROTO :DWORD
CreatePopupMenu PROTO
AppendMenuA PROTO :DWORD,:DWORD,:DWORD,:DWORD
GetCursorPos PROTO :DWORD
TrackPopupMenuEx PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
ImageList_Create PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD
ImageList_Add PROTO :DWORD,:DWORD,:DWORD
SetTimer PROTO :DWORD,:DWORD,:DWORD,:DWORD
KillTimer PROTO :DWORD,:DWORD
RasEnumEntriesA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD
RasGetEntryDialParamsA PROTO :DWORD,:DWORD,:DWORD
RasEnumConnectionsA PROTO :DWORD,:DWORD,:DWORD
RasGetConnectStatusA PROTO :DWORD,:DWORD
RasDialA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
RasHangUpA PROTO :DWORD
InitCommonControls PROTO
CreateToolbarEx PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
GetLocalTime PROTO :DWORD
GetDateFormatA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
GetTimeFormatA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
GlobalAlloc PROTO :DWORD,:DWORD
GlobalLock PROTO :DWORD
GlobalUnlock PROTO :DWORD
GlobalFree PROTO :DWORD
OpenClipboard PROTO :DWORD
EmptyClipboard PROTO
SetClipboardData PROTO :DWORD,:DWORD
CloseClipboard PROTO
WSAStartup PROTO :DWORD,:DWORD
WSACleanup PROTO
socket PROTO :DWORD,:DWORD,:DWORD
closesocket PROTO :DWORD
connect PROTO :DWORD,:DWORD,:DWORD
WSAAsyncSelect PROTO :DWORD,:DWORD,:DWORD,:DWORD
WSAGetLastError PROTO
gethostname PROTO :DWORD,:DWORD
gethostbyname PROTO :DWORD
gethostbyaddr PROTO :DWORD,:DWORD,:DWORD
inet_addr PROTO :DWORD
inet_ntoa PROTO :DWORD
htons PROTO :DWORD
LoadLibraryA PROTO :DWORD
GetProcAddress PROTO :DWORD,:DWORD
FreeLibrary PROTO :DWORD
GetOpenFileNameA PROTO :DWORD
GetSaveFileNameA PROTO :DWORD
CreateFileA PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD,:DWORD
SetFilePointer PROTO :DWORD,:DWORD,:DWORD,:DWORD
ReadFile PROTO :DWORD,:DWORD,:DWORD,:DWORD,:DWORD
PScanMenuItemAddItem db "Add entry",0
PScanMenuItemDelSel db "Delete selected entry",0
PScanMenuItemDelAll db "Delete all entries",0
PScanMenuItemLoad db "Load Port List",0
PScanMenuItemSave db "Save Port List",0
PScanMenuItemCancel db "Cancel",0

t_LibaryName db "iphlpapi.dll",0
t_GetAdaptersInfo db "GetAdaptersInfo",0

;==========> convert Hex to ASCII string and vice versa
table_ASCII db 48,49,50,51,52,53,54,55,56,57,65,66,67,68,69,70
table_HEX db 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15
table_SHIFT db 28,24,20,16,12,8,4,0

;==========> Date and Time, used by various functions
H0_Date db "Local Date",0
H1_Time db "Local Time",0

align 4
;==========> Startup
WsVersion dd 0101h ;minimum version requested
H0_Startup db "NetSpy Startup",0

;==========> AutoSave
AutoSave_FileName db "netspy.set",0
FileMark_Settings db 21h,0BDh,68h,3Ch,0FBh,0B2h,06h,97h,0EAh,13h,73h,65h,74h,30h,30h,37h
File_Dummy db 0E0h dup (0)

align 4
;==========> Settings
TimeOut dd 2000
AutoLog dd 1
AutoSave dd 1
H0_Settings db "NetSpy Program Settings",0
H1_Settings db "Parameter",0
Bu_Settings db "Confirm Settings",0
W0_Settings db "TimeOut in ms :",0
W1_Settings db "TimeOut",0
W2_Settings db "AutoLog",0
W3_Settings db "AutoSave",0
TimeOutMin db "10",0
Enabled db "enabled",0
Disabled db "disabled",0

;==========> Lookup
H0_Lookup db "Lookup",0
H1_Lookup db "Name / IP",0
E0_Lookup db "Name / IP not found",0
Bu_Lookup db "Lookup",0
W0_Lookup db "Name / IP :",0

;==========> Phonebook
Phonebook_Entries dd 0h
Phonebook_Password dd 0h
H0_Phonebook db "Phonebook",0
H1_Phonebook db "Phone Number",0
H2_Phonebook db "User Name",0
H3_Phonebook db "Password",0
E0_Phonebook db "Phonebook error",0
Bu_Phonebook db "Phonebook",0

H0_RASDial db "RASDial",0
H1_RASDial db "Phone Number",0
H2_RASDial db "User Name",0
H3_RASDial db "Password",0
H4_RASDial db "Status",0
E0_RASDial db "RASDial error",0
Bu_RASDial db "RASDial",0
W0_RASDial db "Phone Number :",0
W1_RASDial db "User :",0
W2_RASDial db "Password :",0
M0_RASDial db "Dialing",0
M1_RASDial db "Connect",0
M2_RASDial db "Failure",0
DialviaNumber db "Dial via Phone Number",0

;==========> LocalHost
H0_LocalHost db "LocalHost",0
H1_LocalHost db "IP",0
Bu_LocalHost db "Local Host",0

align 4
;==========> ActiveRAS
ActiveRAS_Connections dd 0h
H0_ActiveRAS db "Active Modem RAS Connection",0
E0_ActiveRAS db "No active modem connection",0
Bu_ActiveRAS db "Active RAS",0

X2_PortScan db "a.b.c.d",0
X4_PortScan db "1",0
X6_PortScan db "200",0
H0_PortScan db "Port Scanner",0
H1_PortScan db "Port",0
H2_PortScan db "Status",0
H5_PortScan db "Port List",0
E0_PortScan db "Undefined error",0
Bu_PortScan db "Scan Ports",0
W1_PortScan db "Name / IP :",0
W2_PortScan db 104h dup (0)
W3_PortScan db "Start Port :",0
W4_PortScan db 6 dup (0)
W5_PortScan db "End Port :",0
W6_PortScan db 6 dup (0)
W7_PortScan db "Scan via Port List",0
W8_PortPositiveList db "List TimeOuts",0
M1_PortScan db "Connectable",0
M2_PortScan db "Function arborted",0
EmptyPortScan db 0,0
FileMark_PortList db 21h,0BDh,68h,3Ch,0FBh,0B2h,06h,97h,0EAh,13h,70h,72h,74h,30h,30h,37h
PortFileFilter db "Port List Files (*.prt)",0,"*.prt",0,0 ;file filter
PortFileDefExt db "prt",0 ;default extension for portlist file
PortFileName db 104h dup(0),0 ;buffer for filename
PortFileLoadT db "Load Port List",0 ;title filebox
PortFileSaveT db "Save Port List",0 ;title filebox

;==========> Get Adapters Info
M0_GAI db "OTHER",0
M1_GAI db "ETHERNET",0
M2_GAI db "TOKEN_RING",0
M3_GAI db "FDDI",0
M4_GAI db "PPP",0
M5_GAI db "LOOPBACK",0
M6_GAI db "SLIP",0
M9_GAI db "UNKNOWN",0
H0_GAI db "Description",0
H1_GAI db "MAC address",0
;H2_GAI db "Adapter Type",0
H3_GAI db "Current IP address",0
H4_GAI db "Subnet Mask",0
H5_GAI db "Standard Gateway",0
H6_GAI db "DHCP Server",0
Bu_GAI db "Get Adapters Info",0
E0_GAI db "Network Interface Card not found",0

nid_uCallbackMessage dd ? ;identifier for notification messages
nid_hIcon dd ? ;handle icon to add, modify or delete
nid_szTip db 64 dup(?) ;tooltip text displays for taskbar icon

align 4
; - WSADATA structure -
wsa_wVersion dw ? ;look into Win32.hlp
wsa_wHighVersion dw ?
wsa_szDescription db 101h dup (?)
wsa_szSystemStatus db 81h dup (?)
wsa_iMaxSockets dw ?
wsa_iMaxUdpDg dw ?
wsa_lpVendorInfo dd ?
;==============================================================================
; .CODE = our code area starts here Main = label of our program code
;------------------------------------------------------------------------------

; API "SendMessageA" sends a message to the window
;------------------------------------------------------------------------------
    push 1h                         ;lParam, LVNI_FOCUSED=1h, LVNI_SELECTED=2h
    push -1                         ;wParam,index item begin search or -1 first
    push 100Ch                      ;uMsg, LVM_FIRST=1000h | LVM_GETNEXTITEM=12
    push temp                       ;hwnd, handle of destination window
    call SendMessageA               ;- API Function -
    push eax                        ;save EAX for future use
    mov edx,4h
    mul edx

    mov counter,eax                 ;item index in EAX
    mov eax,counter1
    mov esi,[ebx+32]                ;get pointer to the currently edited text
    call My_StringDecNrtoHexDD      ;- SubRoutine -

    cmp eax,111h                    ;check if WM_COMMAND message received
    jne WP1_uMsg_112h               ;if not goto label
    mov eax,WP1_wParam              ;extra info about the message in ax
WP1_wParam_04F0h:
    cmp ax,04F0h                    ;is it tray popup menu item 04F0h = Restore
    jne WP1_wParam_04F1h            ;if not 04F0h goto LABEL
    call My_TrayToScreen            ;- SubRoutine -
    jmp WP1_return                  ;
WP1_wParam_04F1h:
    cmp ax,04F1h                    ;is it tray popup menu item 04F1h = Exit
    jne WP1_uMsg_111h_900h          ;
;------------------------------------------------------------------------------
; API "Shell_NotifyIconA" here deletes the icon from the taskbar
;------------------------------------------------------------------------------
    push OFFSET nid_cbSize          ;pnid, pointer NOTIFYICONDATA structure
    push 2h                         ;dwMessage, ID msg. send, 2h=NIM_DELETE
    call Shell_NotifyIconA          ;- API Function -
;------------------------------------------------------------------------------
; API "DestroyWindow" destroys the main program
;------------------------------------------------------------------------------
    push WP1_hWnd                   ;hWnd, handle of main window
    call DestroyWindow              ;- API Function -
    jmp WP1_return                  ;

    jne WP1_uMsg_111h_2011h_Save
    mov Var_PortListItems,0h
    jmp WP1_return
WP1_uMsg_111h_2011h_Save:
    mov LVI_iSubItem,0h
    mov LVI_pszText,OFFSET Buffer
    mov LVI_cchTextMax,6h
;------------------------------------------------------------------------------
; API "SendMessageA" sends a message to the window
;------------------------------------------------------------------------------
    push OFFSET LVI_mask            ;lParam, pcol, pointer LV_ITEM structure
    push counter1                   ;wParam, Index of the list view item
    push 102Dh                      ;uMsg, LVM_FIRST=1000h | LVM_GETITEMTEXT=45
    push temp                       ;hwnd, handle of destination window
    call SendMessageA               ;- API Function -
    mov esi,OFFSET Buffer           ;get pointer to the currently edited text
    call My_StringDecNrtoHexDD      ;- SubRoutine -
    mov eax,counter1
    mov edx,4h
    mul edx
    mov edx,OFFSET Buf_PortScanList
    add edx,eax
    mov [edx],edi
    inc counter1
    mov eax,counter1
    cmp eax,counter
    jbe WP1_uMsg_111h_2011h_Save
    dec Var_PortListItems
    jmp WP1_return
WP1_uMsg_111h_2012h:
    cmp ax,2012h                    ;check if delete all entries chosen
    jne WP1_uMsg_111h_2013h         ;if not skip
    call My_SetFocus_ListView       ;- SubRoutine -
;------------------------------------------------------------------------------
; API "SendMessageA" sends a message to the window
;------------------------------------------------------------------------------
    push 0h                         ;lParam, set to 0
    push 0h                         ;wParam, set to 0
    push 1009h                      ;uMsg,LVM_FIRST=1000h|LVM_DELETEALLITEMS=9
    push temp                       ;hwnd, handle of destination window
    call SendMessageA               ;- API Function -
    mov Var_PortListItems,0h
    jmp WP1_return
WP1_uMsg_111h_2013h:
    cmp ax,2013h                    ;check if load port list chosen
    jne WP1_uMsg_111h_2014h         ;if not skip
    mov lStructSize,4Ch             ;length in bytes of structure
    mov eax,WP1_hWnd
    mov hwndOwner,eax               ;id window that owns dialog box
    mov eax,hInstance
    mov hInstance1,eax              ;handle, our program id

; API "MessageBoxA" creates a message box if chosen file is not a NetSpy file
;------------------------------------------------------------------------------
    push 30h                        ;uType, 0=MB_OK, 30h=MB_ICONEXCLAMATION
    push OFFSET MB2_Title           ;lpCaption,pointer to title text
    push OFFSET MB2_Text            ;lpText,pointer to text message box
    push WP1_hWnd                   ;handle of owner window
    call MessageBoxA                ;- API Function -
    jmp WP1_uMsg_111h_2013h_Return
My_PortList_CheckMark_OK:
    inc esi
    inc edi
    inc ecx
    cmp ecx,10h
    jne My_PortList_CheckMark
;------------------------------------------------------------------------------
; API "ReadFile" reads data from a file
;------------------------------------------------------------------------------
    push 0h                         ;lpOverlapped, structure overlapped I/O
    push OFFSET FileReturn          ;lpNumberOfBytesRead,
    push 4h                         ;nNumberOfBytesToRead, bytes to read
    push OFFSET Var_PortListItems   ;lpBuffer, address of buffer receiving data
    push FileHandle                 ;hFile, handle of file to read from
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 0Ch
    push OFFSET File_Dummy
    push FileHandle
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 400h
    push OFFSET Buf_PortScanList
    push FileHandle
    call ReadFile                   ;- API Function -
    mov ecx,Var_PortListItems
    cmp ecx,0h
    je WP1_uMsg_111h_2013h_Return
    mov eax,hWnd_LV_PortList

; API "WriteFile" writes data to a file
;------------------------------------------------------------------------------
    push 0h                         ;lpOverlapped, structure overlapped I/O
    push OFFSET FileReturn          ;lpNumberOfBytesWritten,
    push 10h                        ;nNumberOfBytesToWrite, bytes to write
    push OFFSET FileMark_PortList   ;lpBuffer, address data write to file
    push FileHandle                 ;hFile, handle of file to write to
    call WriteFile                  ;- API Function -

    push FileHandle
    call WriteFile                  ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 400h
    push OFFSET Buf_PortScanList
    push FileHandle
    call WriteFile                  ;- API Function -
WP1_uMsg_111h_2014h_Return:
;------------------------------------------------------------------------------
; API "CloseHandle" closes an open object handle.
;------------------------------------------------------------------------------
    push FileHandle                 ;hObject, handle of object to close
    call CloseHandle                ;- API Function -
    jmp WP1_return
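The Load Port List and Save Port List handlers above imply an on-disk layout: a 10h-byte mark, a 4-byte item count, 0Ch filler bytes and a 400h-byte block of DWORD ports. The C program below is an added example, not part of NetSpy: it parses that layout from a buffer and rejects short input, a wrong mark, a count larger than the 100h slots of the list, and port values outside 1..65535. Treating the count as the number of used slots and the port range are assumptions, and the `prt_*` names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Layout taken from the ReadFile sequence: 10h mark, 4h count, 0Ch filler, 400h list. */
#define PRT_MARK_LEN   0x10u
#define PRT_PAD_LEN    0x0Cu
#define PRT_LIST_BYTES 0x400u
#define PRT_MAX_ITEMS  (PRT_LIST_BYTES / 4u)     /* DWORD slots in Buf_PortScanList */
#define PRT_LIST_OFF   (PRT_MARK_LEN + 4u + PRT_PAD_LEN)
#define PRT_FILE_LEN   (PRT_LIST_OFF + PRT_LIST_BYTES)

enum { PRT_SHORT = -1, PRT_BAD_MARK = -2, PRT_BAD_COUNT = -3, PRT_BAD_PORT = -4 };

/* FileMark_PortList and FileMark_Settings as declared in the data section. */
static const uint8_t prt_mark[PRT_MARK_LEN] = {
    0x21, 0xBD, 0x68, 0x3C, 0xFB, 0xB2, 0x06, 0x97,
    0xEA, 0x13, 0x70, 0x72, 0x74, 0x30, 0x30, 0x37 };
static const uint8_t set_mark[PRT_MARK_LEN] = {
    0x21, 0xBD, 0x68, 0x3C, 0xFB, 0xB2, 0x06, 0x97,
    0xEA, 0x13, 0x73, 0x65, 0x74, 0x30, 0x30, 0x37 };

static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void put_le32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)v;
    p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16);
    p[3] = (uint8_t)(v >> 24);
}

/* Returns the number of ports copied to ports[], or a negative PRT_* code. */
int prt_parse(const uint8_t *buf, size_t len, uint16_t ports[PRT_MAX_ITEMS])
{
    if (len < PRT_FILE_LEN)                       /* every field must be present */
        return PRT_SHORT;
    if (memcmp(buf, prt_mark, PRT_MARK_LEN) != 0) /* compare all 10h mark bytes  */
        return PRT_BAD_MARK;

    uint32_t count = get_le32(buf + PRT_MARK_LEN);
    if (count > PRT_MAX_ITEMS)                    /* never index past the list   */
        return PRT_BAD_COUNT;

    for (uint32_t i = 0; i < count; i++) {
        uint32_t v = get_le32(buf + PRT_LIST_OFF + 4u * i);
        if (v == 0 || v > 65535u)                 /* assumed valid port range    */
            return PRT_BAD_PORT;
        ports[i] = (uint16_t)v;
    }
    return (int)count;
}

/* Build a constructed sample file (ports 21, 80, 443) and parse its first len bytes. */
int prt_try(const uint8_t *mark, uint32_t count_field, size_t len)
{
    static const uint32_t sample[] = { 21, 80, 443 };
    uint8_t file[PRT_FILE_LEN];
    uint16_t ports[PRT_MAX_ITEMS];

    memset(file, 0, sizeof file);
    memcpy(file, mark, PRT_MARK_LEN);
    put_le32(file + PRT_MARK_LEN, count_field);
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++)
        put_le32(file + PRT_LIST_OFF + 4u * i, sample[i]);
    return prt_parse(file, len, ports);
}

int main(void)
{
    printf("valid file, count 3      : %d\n", prt_try(prt_mark, 3, PRT_FILE_LEN));
    printf("count points at empty slot: %d\n", prt_try(prt_mark, 4, PRT_FILE_LEN));
    printf("count FFFFFFFFh           : %d\n", prt_try(prt_mark, 0xFFFFFFFFu, PRT_FILE_LEN));
    printf("one byte short            : %d\n", prt_try(prt_mark, 3, PRT_FILE_LEN - 1));
    printf("settings mark in .prt file: %d\n", prt_try(set_mark, 3, PRT_FILE_LEN));
    return 0;
}
```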
;==============================================================================
; WM_SYSCOMMAND (value=112h) message received ?
;------------------------------------------------------------------------------
WP1_uMsg_112h:
    cmp eax,112h                    ;check if WM_SYSCOMMAND message received
    jne WP1_uMsg_113h               ;if not goto label
    mov eax,WP1_wParam              ;extra info about the message

    push 0h
    push hMainPopup
    call AppendMenuA                ;- API Function -
    push 0h
    push 0h
    push 800h                       ;uFlags, menu item flags, 800h=MF_SEPARATOR
    push hMainPopup
    call AppendMenuA                ;- API Function -
    push OFFSET MainMenuItemCancel
    push 2009h
    push 0h
    push hMainPopup
    call AppendMenuA                ;- API Function -
;------------------------------------------------------------------------------
; API "CreatePopupMenu" creates an empty popup menu
;------------------------------------------------------------------------------
    call CreatePopupMenu            ;- API Function -
    mov hPortListPopup,eax          ;return value=handle of popup menu
;------------------------------------------------------------------------------
; API "AppendMenuA" appends a new menu item to the end of the specified menu
; uIDNewItem --> menu items ID's are a free value of your choice
;------------------------------------------------------------------------------
    push OFFSET PScanMenuItemAddItem ;lpNewItem, menu item content
    push 2010h                      ;uIDNewItem,menu item id or menu handle
    push 0h                         ;uFlags, menu item flags, 0h=MF_STRING
    push hPortListPopup             ;hMenu, handle of popup menu
    call AppendMenuA                ;- API Function -
    push OFFSET PScanMenuItemDelSel
    push 2011h
    push 0h
    push hPortListPopup
    call AppendMenuA                ;- API Function -
    push OFFSET PScanMenuItemDelAll
    push 2012h
    push 0h
    push hPortListPopup
    call AppendMenuA                ;- API Function -
    push 0h
    push 0h
    push 800h                       ;uFlags, menu item flags, 800h=MF_SEPARATOR
    push hPortListPopup
    call AppendMenuA                ;- API Function -
    push OFFSET PScanMenuItemLoad
    push 2013h
    push 0h
    push hPortListPopup
    call AppendMenuA                ;- API Function -
    push OFFSET PScanMenuItemSave
    push 2014h

    push hObj_Toolbar               ;hObject, handle of graphic object
    call DeleteObject               ;- API Function -
;------------------------------------------------------------------------------
; API "SendMessageA" sends a message to the window
;------------------------------------------------------------------------------
    push hImageList_Help            ;lParam, himl, handle image list to assign
    push 1h                         ;wParam, iImageList, type, LVSIL_SMALL=1h

;@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
; These Subroutines are used on Startup or if we choose a function from toolbar
;@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
My_Run_Startup:
    mov eax,hWnd_LV_Startup
    mov temp,eax
    mov ebx,OFFSET wsa_szDescription ;lParam, lpsz, address of string to add
    call My_LVM_INSERTITEM          ;- SubRoutine -
    call My_GetLocalTime            ;- SubRoutine -
    call My_GetDateFormat           ;- SubRoutine -
    mov ebx,OFFSET Buffer
    mov LVI_iSubItem,1h
    call My_LVM_SETITEM             ;- SubRoutine -
    call My_GetTimeFormat           ;- SubRoutine -

My_Init_ActiveRAS:
    call My_DestroyWindow1          ;- SubRoutine -
    call My_SetWindowLongA_0        ;- SubRoutine -
;------------------------------------------------------------------------------
; API "SetWindowLong" changes an attribute of the specified window.
;------------------------------------------------------------------------------
    push 50000005h                  ;lNewLong, new value, WS_CHILD
    push -16                        ;nIndex, offset value to set, GWL_STYLE
    push hWnd_LV_ActiveRAS          ;hwnd, handle of window
    call SetWindowLongA             ;- API Function -
;------------------------------------------------------------------------------
; API "SetWindowTextA" sets the text of the specified window's title bar.
;------------------------------------------------------------------------------
    push OFFSET Bu_ActiveRAS        ;lpsz, address of string
    push hWnd_Action                ;hwnd, handle of window or control
    call SetWindowTextA             ;- API Function -
    call My_Create_Logo             ;- SubRoutine -
    call My_InvalidateRect          ;- SubRoutine -
    call My_SetFocus_Action         ;- SubRoutine -
    ret

My_Run_ActiveRAS:
    mov eax,hWnd_LV_ActiveRAS
    mov temp,eax
    call My_EnableWindow0           ;- SubRoutine -
    cmp flag_RASDialviaNumber,1h    ;dial via phone number ?
    jne My_Run_ActiveRAS_Entry
;------------------------------------------------------------------------------
; API "RasGetConnectStatus" retrieves information on the current status of the
; specified remote access connection
;------------------------------------------------------------------------------
    push OFFSET rasstatus_dwSize    ;lprasconnstatus,buffer receive status data
    push hrascon                    ;hrasconn,handle RAS connection of interest
    call RasGetConnectStatusA       ;- API Function -
    mov ebx,OFFSET DialviaNumber
    cmp rasstatus_rasconnstate,2    ;RASCS_ConnectDevice ? = are we online
    je My_Run_ActiveRAS_Return
    mov ebx,OFFSET E0_ActiveRAS     ;pointer to error message
    jmp My_Run_ActiveRAS_Return

    mov BufferSize,10000h
    mov counter,8h
    mov eax,OFFSET Buffer
    mov ebx,19Ch
    mov [eax],ebx
;------------------------------------------------------------------------------
; API "RasEnumConnections" lists all active Remote Access Service connections.
;------------------------------------------------------------------------------
    push OFFSET ActiveRAS_Connections ;lpcConnections, # connections written buff
    push OFFSET BufferSize          ;lpcb, size in bytes of buffer

    push WP1_hWnd                   ;lpParameter, argument for new thread
    push OFFSET My_Thread_PortScan  ;lpStartAddress, address of thread function
    push 0h                         ;dwStackSize, init thread stack size, in db
    push 0h                         ;lpThreadAttributes, address security attr.
    call CreateThread               ;- API Function -
    mov PortScan_hThread,eax        ;thread handle
;------------------------------------------------------------------------------
; SetThreadPriority function sets the priority value for the specified thread.
;------------------------------------------------------------------------------
    push 15                         ;nPriority,THREAD_PRIORITY_TIME_CRITICAL=15
    push PortScan_hThread           ;hThread, handle to the thread
    call SetThreadPriority          ;- API Function -
;------------------------------------------------------------------------------
; API "CloseHandle" closes an open object handle
;------------------------------------------------------------------------------
    push PortScan_ThreadID          ;hObject, handle of object to close
    call CloseHandle                ;- API Function -
My_Run_PortScan_Return:
    ret

My_Thread_PortScan:
;##############################################################################
; The Thread for the PortScanner function
;##############################################################################
    push ebp                        ;create stack frame
    mov ebp,esp
    pushad
    mov eax,hWnd_LV_PortScan
    mov temp,eax
    mov edi,Var_PortScanStart

    call closesocket                ;- API Function -
;------------------------------------------------------------------------------
; API "PeekMessage" checks a thread message queue for a message and places the
; message (if any) in the specified structure. Here clear message queue.
;------------------------------------------------------------------------------
    push 1h                         ;wRemoveMsg, removal flags, PM_REMOVE
    push 1000h                      ;uMsgFilterMax, last message
    push 1000h                      ;uMsgFilterMin, first message
    push WP1_hWnd                   ;hWnd, handle of window
    push OFFSET hWnd                ;lpMsg, address of structure for message
    call PeekMessageA               ;- API Function -
    cmp Flag_PortScanThread,1h
    je My_Thread_PortScan_Calc
    cmp counter,11001               ;WSAHOST_NOT_FOUND
    je My_Thread_PortScan_End
    cmp Flag_PortScanTimeOut,1h
    je My_Thread_PortScan_Calc
    cmp counter,12000               ;<<< User defined Timeout >>>
    jne My_Thread_PortScan_Calc
    call My_LVM_DELETEITEM

    jne My_Thread_PortScan_Loop
My_Thread_PortScan_End:
    call My_LVM_SETITEMSTATE        ;- SubRoutine -
    call My_SetFocus_ListView       ;- SubRoutine -
    call My_EnableWindow1           ;- SubRoutine -
;------------------------------------------------------------------------------
; API "ExitThread" ends a thread
;------------------------------------------------------------------------------
    push 0h                         ;dwExitCode, exit code for this thread
    call ExitThread                 ;- API Function -
    popad

My_Run_Help:
;------------------------------------------------------------------------------
; API "MessageBoxA" creates a message box ...
;------------------------------------------------------------------------------
    push 40h                        ;uType,style,MB_ICONINFORMATION=40h,0=MB_OK Button
    push OFFSET MB18_Title          ;lpCaption,pointer to title text
    push OFFSET MB18_Text           ;lpText,pointer to text message box
    push WP1_hWnd                   ;handle of owner window
    call MessageBoxA                ;- API Function -
    ret

;@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
; These Subroutines are used from several functions and for several reasons !!!
;@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
My_StringDecNrtoHexDD:
;------------------------------------------------------------------------------
; Converts a DECIMAL NUMBER STRING (OFFSET ESI) with max. Character (EAX) into
; a 32 Bit value in EDI.
;------------------------------------------------------------------------------
    mov ecx,eax
    dec ecx
    add esi,ecx
    mov edi,0h
    mov eax,1
My_StringDecNrtoHexDD_Loop:
    mov bl,[esi]
    and bl,0Fh
    je My_StringDecNrtoHexDD_Next
My_StringDecNrtoHexDD_Inc:
    add edi,eax
    dec bl
    jne My_StringDecNrtoHexDD_Inc
My_StringDecNrtoHexDD_Next:
    mov edx,10
    mul edx
    dec esi
    dec ecx

My_HexDBtoStringHex:
;------------------------------------------------------------------------------
; Converts a 8 bit value in AL into an ascii hexadecimal string to OFFSET EDX
;------------------------------------------------------------------------------
    mov ah,al                       ;prepare calculation
    shr ah,4h

My_HexDDtoStringHex:
;------------------------------------------------------------------------------
; Converts a 32 bit value in ESI into an ascii hexadecimal string to OFFSET EDI
;------------------------------------------------------------------------------
    mov counter1,0h
My_HexDDtoStringHex_Next:
    mov counter,0h
My_HexDDtoStringHex_Loop:
    mov edx,OFFSET table_HEX
    add edx,counter

My_TrayToScreen:
;------------------------------------------------------------------------------
; API "Shell_NotifyIconA" here deletes the icon from the taskbar
;------------------------------------------------------------------------------
    push OFFSET nid_cbSize          ;pnid, pointer NOTIFYICONDATA structure
    push 2h                         ;dwMessage, ID msg. send, 2h=NIM_DELETE
    call Shell_NotifyIconA          ;- API Function -
;------------------------------------------------------------------------------
; API "ShowWindow" function sets the specified window's show state.
;------------------------------------------------------------------------------

My_GetLocalTime:
;------------------------------------------------------------------------------
; API "GetLocalTime" retrieves the current local date and time.
;------------------------------------------------------------------------------

    push FileHandle
    call WriteFile                  ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 4h
    push OFFSET Var_PortListItems
    push FileHandle
    call WriteFile                  ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 0E0h
    push OFFSET File_Dummy
    push FileHandle
    call WriteFile                  ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 400h
    push OFFSET Buf_PortScanList
    push FileHandle
    call WriteFile                  ;- API Function -
My_AutoSave_Return:
;------------------------------------------------------------------------------
; API "CloseHandle" closes an open object handle.
;------------------------------------------------------------------------------
    push FileHandle                 ;hObject, handle of object to close
    call CloseHandle                ;- API Function -
    ret

My_AutoLoad:
;------------------------------------------------------------------------------
; API "CreateFileA" creates or opens a file, returns a handle to access object.
;------------------------------------------------------------------------------
    push 0h                         ;hTemplateFile,
    push 80h                        ;dwFlagsAndAttributes, normal = 80h
    push 3h                         ;dwCreationDistribution, OPEN_EXISTING=3h
    push 0h                         ;lpSecurityAttributes,
    push 0h                         ;dwShareMode,
    push 80000000h                  ;dwDesiredAccess, GENERIC_READ
    push OFFSET AutoSave_FileName   ;lpFileName,pointer to filename
    call CreateFileA                ;- API Function -
    cmp eax,-1                      ;INVALID_HANDLE_VALUE = -1
    je My_AutoLoad_Return           ;
    mov FileHandle,eax              ;store handle in variable
;------------------------------------------------------------------------------
; API "ReadFile" reads data from a file ==> Mark
;------------------------------------------------------------------------------
    push 0h                         ;lpOverlapped, structure overlapped I/O
    push OFFSET FileReturn          ;lpNumberOfBytesRead,
    push 10h                        ;nNumberOfBytesToRead, bytes to read
    push OFFSET Buffer              ;lpBuffer, address data read from file
    push FileHandle                 ;hFile, handle of file to read from
    call ReadFile                   ;- API Function -
    mov ecx,0h                      ;check if it is a correct netspy set file

    jne My_AutoLoad_Return          ;
    inc esi                         ;
    inc edi                         ;
    inc ecx                         ;
    cmp ecx,10h                     ;
    jne My_AutoLoad_CheckMark       ;
;------------------------------------------------------------------------------
; API "ReadFile" reads data from a file
;------------------------------------------------------------------------------
    push 0h                         ;lpOverlapped, structure overlapped I/O
    push OFFSET FileReturn          ;lpNumberOfBytesRead,
    push 4h                         ;nNumberOfBytesToRead, bytes to read
    push OFFSET AutoLog             ;lpBuffer, address of buffer receiving data
    push FileHandle                 ;hFile, handle of file to read from
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 4h
    push OFFSET AutoSave
    push FileHandle
    call ReadFile
    push 0h
    push OFFSET FileReturn
    push 4h
    push OFFSET TimeOut
    push FileHandle
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 4h
    push OFFSET Var_PortListItems
    push FileHandle
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 0E0h
    push OFFSET File_Dummy
    push FileHandle
    call ReadFile                   ;- API Function -
    push 0h
    push OFFSET FileReturn
    push 400h
    push OFFSET Buf_PortScanList
    push FileHandle
    call ReadFile                   ;- API Function -
My_AutoLoad_Return:
;------------------------------------------------------------------------------
; API "CloseHandle" closes an open object handle.
;------------------------------------------------------------------------------
    push FileHandle                 ;hObject, handle of object to close
    call CloseHandle                ;- API Function -
    ret

;==============================================================================
; end Main = end of our program code
;------------------------------------------------------------------------------
end Main                            ;end of our program code, entry point

;==============================================================================
; To create the exe file use these commands with your Microsoft Assembler/Linker
;------------------------------------------------------------------------------
; ml.exe /c /coff td_win32asm_710.asm ;asm command
; rc.exe /v rsrc.rc ;rc command
; cvtres.exe /machine:ix86 rsrc.res